The Most Famous Advanced Persistent Threats in History

Red October, a malware program designed to steal secrets from government and research organizations (including data on mobile devices), was discovered in October 2012 by Russian firm Kaspersky Lab. It was believed to have been operating worldwide for at least five years prior to discovery, stealing a wide range of information, including secrets from diplomatic, trade, military, aerospace, energy and research organizations in Russia, Iran, the U.S. and at least 36 other countries.

The Red October attacks were designed to target multiple platforms, including routers, switches, mobile phones and external storage devices, and to adapt their actions to different software environments. Among other things, the malware targeted files associated with cryptographic systems, including systems used by NATO, the European Union, European Parliament and European Commission departments.

Many of today’s most destructive advanced persistent threats (APTs) were conceived a decade ago, so enterprises that rely on most traditional approaches to cybersecurity are unlikely to succeed against the next generation of attacks. This is one of the cautions in a new book published by global IT association ISACA during Cybersecurity Awareness Month.

While new tools are needed to combat ever-changing security threats, it is helpful to examine the history of the APT, because many important lessons for defending against future attacks can be derived from it. The earliest use of the term “advanced persistent threat” emerged from the U.S. government sector in 2005, describing a new, deceptive form of attack that targeted selected employees and tricked them into downloading a file or accessing a website infected with Trojan horse software. This slideshow summarizes known facts, anecdotal evidence and reported claims behind some of the best-known attacks experienced over the last 15 years.
